NAME
    CGI::Upload - CGI class for handling browser file uploads

SYNOPSIS
     use CGI::Upload;

     my $upload = CGI::Upload->new;

     my $file_name = $upload->file_name('field');
     my $file_type = $upload->file_type('field');

     $upload->mime_magic('/path/to/mime.types');
     my $mime_type = $upload->mime_type('field');

     my $file_handle = $upload->file_handle('field');

DESCRIPTION
    This module has been written to provide a simple and secure manner by
    which to handle files uploaded in multipart/form-data requests through a
    web browser. The primary advantage which this module offers over
    existing modules is the single interface which it provides for the most
    often required information regarding files uploaded in this manner.

    This module builds upon primarily the CGI and File::MMagic modules and
    offers some tidy and succinct methods for the handling of files uploaded
    via multipart/form-data requests.

METHODS
    The following methods are available through this module for use in CGI
    scripts and can be exported into the calling namespace upon request.

    new This object constructor method creates and returns a new CGI::Upload
        object. In previously versions of CGI::Upload, a mandatory argument
        of the CGI object to be used was required. This is no longer
        necessary due to the singleton nature of CGI objects.

        As an experiment, you can now use any kind of CGI.pm like module.
        The requirements are that it has to support the ->param method and
        the ->upload method returning a file handle. You can use this
        feature in two ways, either providing the name of the module or an
        already existing object. In the former case, CGI::Upload will try to
        *require* the correct module and will *croak* if cannot load that
        module. It has been tested with CGI.pm and CGI::Simple.

        We tested it with CGI::Simple 0.075.

        It is known to break with version 0.071 of CGI::Simple so we issue
        our own die in such case.

        Examples:

         use CGI::Upload;
         CGI::Upload->new({ query => "CGI::Simple"});

        or

         use CGI::Upload;
         use CGI::Simple;
         $CGI::Simple::DISABLE_UPLOADS = 0;   # you have to set this before creating the instance
         my $q = new CGI::Simple;
         CGI::Upload->new({ query => $q});

    query
        Returns the CGI object used within the CGI::Upload class.

    file_handle('field')
        This method returns the file handle to the temporary file containing
        the file uploaded through the form input field named 'field'. This
        temporary file is generated using the new_tmpfile method of IO::File
        and is anonymous in nature, where possible.

    file_name('field')
        This method returns the file name of the file uploaded through the
        form input field named 'field' - This file name does not reflect the
        local temporary filename of the uploaded file, but that for the file
        supplied by the client web browser.

    file_type('field')
        This method returns the file type of the file uploaded as specified
        by the filename extension - Please note that this does not
        necessarily reflect the nature of the file uploaded, but allows CGI
        scripts to perform cursory validation of the file type of the
        uploaded file.

    mime_magic('/path/to/mime.types')
        This method sets and/or returns the external magic mime types file
        to be used for the identification of files via the mime_type method.
        By default, MIME identification is based upon internal mime types
        defined within the File::MMagic module.

        See File::MMagic for further details.

    mime_type('field')
        This method returns the MIME type of the file uploaded through the
        form input field named 'field' as determined by file magic numbers.
        This is the best means by which to validate the nature of the
        uploaded file.

        See File::MMagic for further details.

BUGS
    Please report bugs on RT:
    <http://rt.cpan.org/NoAuth/Bugs.html?Dist=CGI-Upload>

TODO
    Explain why there is no 100% tests coverage...

    Give inteligent error message when user forgets to add
    enctype="multipart/form-data" in the upload form.

    Add better MIME magic support (see request on RT)

    Test if multiple file uploads are supported and fix this if they are
    not.

    Apache::Request support

    CGI::Minimal support

    Example code from Mark Stosberg (CGI::Uploader):

      if ($q->isa('CGI::Simple') ) {
               $fh = $q->upload($filename); 
               $mt = $q->upload_info($filename, 'mime' );

               if (!$fh && $q->cgi_error) {
                       warn $q->cgi_error && return undef;
               }
       }
       elsif ( $q->isa('Apache::Request') ) {
                my $upload = $q->upload($file_field);
                    $fh = $upload->fh;
                    $mt = $upload->type;
       }
       # default to CGI.pm behavior
       else {
               $fh = $q->upload($file_field);
               $mt = $q->uploadInfo($fh)->{'Content-Type'} if $q->uploadInfo($fh);

               if (!$fh && $q->cgi_error) {
                       warn $q->cgi_error && return undef;
               }
       }

SEE ALSO
    CGI, File::MMagic, HTTP::File

COPYRIGHT
    Copyright 2002-2004, Rob Casey, rob.casey@bluebottle.com

AUTHOR
    Original author: Rob Casey, rob.casey@bluebottle.com

    Current mainainer: Gabor Szabo, gabor@pti.co.il

    Thanks to

    Mark Stosberg for suggestions.

    and to the CPAN Testers for testing.

LICENSE
    This library is free software; you can redistribute it and/or modify it
    under the same terms as Perl itself.